Mozilla Goes Silent for Firefox 12

New updating mechanism debuts for open source web browser.


You Can't Detect What You Can't See: Illuminating the Entire Kill Chain

The Firefox 12 web browser could well be the last Firefox browser that you ever have to manually install yourself.

Beginning with the Firefox 12 release today, Mozilla is baking in a silent updating mechanism – for Windows users only. There is no change on Mac and Linux users. Instead of a user manually needing to click and update to the latest Firefox release, with Firefox 12 and beyond, updates can be set to automatically occur in the background, without user delay, silently.

"This feature works via a background process that is only activated during an update," Lawrence Mandel, Engineering Program Manager at Mozilla, told InternetNews.com. "The service isn't running when it's not checking so this does not impact memory or CPU usage."

Moving to a silent update process is something that Mozilla has been talking about since the end of 2011. Mozilla moved to a rapid update process in 2011 that has generated new Firefox browser releases every six weeks. It's a process that has been more cumbersome for users, but the silent update will now help to solve that issue.

Keeping users up to date overall is always a challenge and one that presents a security risk for those who lag behind. Google's Chrome browser has had silent updates since its inception and Adobe has recently moved its Flash player to a silent updating mechanism as well. Unlike Chrome, however, Firefox users will still have the option to not enable silent updates.

For Firefox, Mandel noted that updates will happen in the background but not take effect until the browser is restarted. "The overwhelming majority of Firefox users restart within 24 hours so we expect quick uptake of new Firefox versions," Mandel said.

Silent updates themselves could potentially be a risk for users though, as their browser automatically updates. It's a risk that Mozilla has gone to great lengths to minimize and eliminate.

"We have conducted a thorough security evaluation of this feature and have a number of security safeguards that specifically guard against man-in-the-middle attacks," Mandel said. "We sign all of our Mozilla ARchive (MAR) files and will only apply updates for officially signed MAR files."

The Firefox 12 release also provides 13 security advisories for vulnerabilities that have now been patched. Of those, seven are rated as having critical impact and deal with a host of memory related flaws. There are also four high-impact flaws, including a pair of cross site scripting flaws and a site identity spoofing issue with RSS feeds.

View Source

Looking beyond silent updates, Mozilla is also providing a developer focused capability in Firefox 12 that many developers have been waiting years to get. Firefox 12 now provides line numbers in the view source dialogue box, making it easier for developers to work with HTML code.

"Recent re-writes and re-architecting made adding line numbers easier than it would have been in the past," Kevin Dangoor, Product Manager, Developer Experience at Mozilla told InternetNews.com.

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the IT Business Edge Network, the network for technology professionals Follow him on Twitter @TechJournalist.

Tags: open source, browser, Mozilla Firefox

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.